U.S. Application No.: 10/681,870 Attorney Docket No.: CIS03-38(7401) 

-2- 

IN THE CLAIMS 



1-2. (Canceled) 

3. (Currently Amended) The method of claim-2 31 wherein th e st e p of add i ng data 
storing data in a connection database comprises th e st e ps of : 

recording a connection requestor identifier to the connection database; and 
providing a connection requestor rank to the connection requestor identifier 

based on an associated application layer outcome of the app li cat i on l ayer connect i on 

component . 

4. (Currently Amended) The method of claim-2 31 wherein th e st e p of updating the 
throttle filter with i nformat i on data from the connection database comprises: 

-periodically replacing throttle filter data with a preselected number of connection 

requestor identifiers ranked least desirable in the connection database. 

5-9. (Canceled) 

1 0. (Currently Amended) The method of claims 31 wherein the connection requests 
is are-afl HTTP requests, the application layer component is an HTTP connection 
component and the transport layer component is_a TCP connection component. 

1 1 . (Currently Amended) The method of claims- 31 wherein the connection requests 
is are- aft HTTPS requests, the application layer component is an HTTPS connection 
component and the transport layer component is_a TCP connection component. 

12. (Canceled) 

1 3. (Currently Amended) The system of claim^2 33 wherein th e s e rv e r conn e ct i on i s 
each received connection request is for an HTTP server connection, the application 
layer connection component is an HTTP connection component, and the transport layer 
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connection component is a TCP connection component. 



14. (Currently Amended) The system of claims 33 wherein th e s e rv e r conn e ct i on i s 
each received connection request is for an HTTPS server connection, the application 
layer connection component is an HTTPS connection component, and the transport 
layer connection component is a TCP connection component. 

15-17. (Canceled) 

18. (Currently Amended) The system of claims 33 wherein the connection 
database is a table i n wh i ch having entries, each entrv4re s having an IP address of a 
connection requestor and an associated rank based on an outcome of a connection 
attempted in response to a connection request from the connection requestor. 

1 9. (Original) The system of claim 1 8 wherein each entry of the table further includes 
a port number of the connection requestor. 

20. (Original) The system of claim 1 8 wherein each entry of the table further includes 
a virtual routing forwarding table ID of the connection requestor. 

21 . (Currently Amended) The system of claims 18 wherein each entry in the table 
includes an entry age, the4itter- computerized device configured to delete entries having 
an entry age that exceeds an age threshold. 

22. (Currently Amended) The system of claim^2- 33 wherein the throttle filter-as 
i nd i cat e d by data from th e databas e compr i se at le ast on e o f comprises : 

a list of IP addresses of connection requestors to be blocked; 
port numbers of connection requestors to be blocked ;-and or 
a virtual routing forwarding table IDs of connection requestors to be blocked. 



23 - 30. (Canceled) 
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31. (New) A method comprising: 

receiving connection requests from connection requestors, each received 
connection request including an application layer connection component, a transport 
layer connection component, and requestor information that includes an identifier of a 
connection requestor; 

dropping a connection request when the identifier of the connection requestor is 
found in a throttle filter, the throttle filter being a dynamic filter including a list of 
identifiers of requestors to be blocked from establishing connections; 

proceeding with the application layer component of the connection request when 
the identifier of the connection requestor is not found in the throttle filter; 

storing, in a connection database, data about received connection requests 
including data about application layer outcomes associated with received connection 
requests that fail to complete a connection; and 

periodically updating the throttle filter with data from the connection database. 

32. (New) The method of claim 31 comprising: 

dropping a connection request when a predetermined limit of created 
connections has been exceeded or a predetermined rate of connection requests has 
been exceeded. 
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33. (New) A system comprising: 

a network interface to receive connection requests from connection requestors, 
each received connection request including an application layer connection component, 
a transport layer connection component, and requestor information that includes an 
identifier of a connection requestor; and 
a computerized device to: 

drop a connection request when the identifier of the connection requestor 
is found in a throttle filter, the throttle filter being a dynamic filter including a list of 
identifiers of requestors to be blocked from establishing connections; 

proceed with the application layer component of the connection request 
when the identifier of the connection requestor is not found in the throttle filter; 

store, in a connection database, data about received connection requests 
including data about application layer outcomes associated with received connection 
requests that fail to complete a connection; and 

periodically update the throttle filter with data from the connection 

database. 

34. (New) The system of claim 33, wherein the computerized device drops a 
connection request when a predetermined limit of created connections has been 
exceeded or a predetermined rate of connection requests has been exceeded. 
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35. (New) A computer program product having a computer-readable medium 
including computer program logic encoded thereon that, when performed on a computer 
system directs the computer system to perform the method of: 

receiving connection requests from connection requestors, each received 
connection request including an application layer connection component, a transport 
layer connection component, and requestor information that includes an identifier of a 
connection requestor; 

dropping a connection request when the identifier of the connection requestor is 
found in a throttle filter, the throttle filter being a dynamic filter including a list of 
identifiers of requestors to be blocked from establishing connections; 

proceeding with the application layer component of the connection request when 
the identifier of the connection requestor is not found in the throttle filter; 

storing, in a connection database, data about received connection requests 
including data about application layer outcomes associated with received connection 
requests that fail to complete a connection; and 

periodically updating the throttle filter with data from the connection database. 



